On 1/19/06, WaxDragon waxdragon@gmail.com wrote:
You are not a judge with years of experience in law. Whether or not you have any kernel internal knowledge is also irrelevant to this thought experiment.
No but I am someone trying to be objective that has spent a good part of the past few years reviewing case history for reverse engineering cases. Its more than we are going tot get from some judges.
Why did you have to do this? Is it not possible to write a driver that abuses fastcall to make a mostly working implementation without having to 1. look at and 2. copy the existing object code of Windows?
Alex clearly stated that there is only one way to perform that stack check, let's quote him properly:
"Note however, that there is only one way to check the stack: cmp ebp, esp. Unless you want to consider cmp esp, ebp as an alternate method."
As Casper said, it is legal to use that information, but not legal to *copy/paste* it into ReactOS. Alex clearly comprehends what that bit of assembly does.
Once again he may have stated this but he also states he disassembled Windows. The issue is the methods used to gather the information. Reverse engineering is legal if there is no other method to gather the information which is why I clearly asked "Was there no other way to get this information" or let me put it another way....
Alex: did you even bother doing some sort of clean room examination of Windows behavior based on third party drivers or some sort of testing or was IDA your first step? Checked Microsoft driver assertions and debug symbols don't count.
OK so someone else sneaked something in that violates the rules and it was not caught. Lets just check your argument for a moment and say you could be wrong about your development methods. Being ..."clearly commented, organized and structured..." does not amount to a hill of beans if I am violating the law and or project rules. I can make bank robbing plans that are "...clearly commented, organized and structured..." I don't think that will gain me much ground in court.
This analogy is invalid. The legality of this issue stems directly from whether or not he wrote the code. Robbing a bank is _always_ illegal, writing code is only illegal if you copy/paste it from a legitimate author, or implement a patented method.
No its perfectly a valid question. In law there is this concept called Mens Rea which means intent. Was his intent to create a independent unique work he himself created and he just needed the information for compatibly reasons or did he intend to just make it work without caring of the consequences to everyone else. Hence the question above. Was IDA the first step or the last?
Alex's structured and commented code demonstrates comprehension. In this case, where the code's function is clear, and constrained by implementation details, the code will be similar by anyone who implements it. Alex's comments and code structure shows that he understands what is going on in the assembly, and most likely shows that he wrote the code, as opposed to just copy/pasting existing code.
Just because he understands the code now is irrelevant. Its the method of which that understanding came. Because our work is going to be similar to windows the arguments about a derived work hangs upon the notion that we are independently creating our own implementation rather than looking at the original. We can read documentation about the original all day long, we can examine applications and drivers that use the original all day long but when we start to crack open the book of the original implementation we run the legal risk of being declared a derived work.
It only looks suspicious since you are not a kernel developer. Again, not something a judge would concern himself with. Now the prosecutor.....
/* Skip the other registers */ sub esp, 0x48
<snip>
ie. why 0x29C, why 0x48?
Since he is making room on the stack for another frame, this is a predefined size.
Hmm ok. So another size won't work? Where is it predefined? I ask not to accuse but to try to understand to be fair to all parties involved. But according to Hartmut this is a clear case of copy and paste. This is why we cannot allow this to continue. If dirty-room reverse engineering was the last resort then it would be a original implementation
further. Now, I do agree he could have used the safer "clean-room" method, but I'm not convinced that it would have yielded a significantly different implementation, and we might still be in the same position.
You admit that his implementation was not based on "clean-room". My question once again was why did it have to be dirty room? If there is no other option for making a compatible implementation then this discussion holds no water but if by your own words he could have used a safer method then there is a problem.
So we are back to the first question. What development methods were used. IDA first or last?
-- Steven Edwards - ReactOS and Wine developer
"There is one thing stronger than all the armies in the world, and that is an idea whose time has come." - Victor Hugo